In recent years, various techniques for detecting tampering with a program have been developed. A typical example of such a technique is disclosed in Patent Document 1 listed below.
According to Patent Document 1, tampering with a target program is detected by comparing authentication data generated by applying a one-way hash function to the target program, with comparative data generated by applying the hash function to a program known to be authentic. Unfortunately, however, the process of generating a hash value of the entire program requires a great deal of time. For this disadvantage, in the case where such a tamper detection process is performed in parallel with execution of another program, a problem may be caused in execution of the other program.
Patent Document 2 discloses a technique of verifying the authenticity of a program without the use of a hash value. Instead of using a hash value, the authenticity is verified based on whether the program satisfies a predetermined condition at run time. Specifically, it is judged, as the predetermined condition, whether or not the return address of the program is within a predetermined address space, the execution mode is correct, or the processing completes within a predetermined time period. Failing to satisfy the predetermined condition, the program is judged to have been tampered with. According to this technique, it is not necessary to generate a hash value, so that the time required for tamper detection is reduced.
Patent Document 1: U.S. Pat. No. 6,026,293
Patent Document 2: U.S. Pat. No. 6,178,509